DB: 2015-05-17

6 new exploits
2015-05-17 05:02:09 +00:00 · 2015-05-17 05:02:09 +00:00 · 57c0ae8e73
commit 57c0ae8e73
parent f8d109fa3c
7 changed files with 61 additions and 0 deletions
--- a/files.csv
+++ b/files.csv
@ -33405,3 +33405,9 @@ id,file,description,date,author,platform,type,port
 37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 index.php conditions[usergroup][] Parameter XSS",2013-03-27,"Aditya Modha",php,webapps,0
 37020,platforms/windows/remote/37020.html,"Apple Safari 5.1.5 For Windows 'window.open()' URI Spoofing Vulnerability",2012-03-28,Lostmon,windows,remote,0
 37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 'json.php' Local File Include Vulnerability",2012-03-28,"Canberk BOLAT",php,webapps,0
+37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 code_editor.php Multiple Parameter XSS",2012-03-28,"High-Tech Bridge",php,webapps,0
+37023,platforms/php/webapps/37023.txt,"EasyPHP 'main.php' SQL Injection Vulnerability",2012-03-29,"Skote Vahshat",php,webapps,0
+37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x 'ezjscore' Module Cross Site Scripting Vulnerability",2012-03-29,"Yann MICHARD",php,webapps,0
+37025,platforms/php/webapps/37025.txt,"PHP Designer 2007 - Personal Multiple SQL Injection Vulnerabilities",2012-03-30,MR.XpR,php,webapps,0
+37026,platforms/php/webapps/37026.txt,"e107 1.0 'view' Parameter SQL Injection Vulnerability",2012-03-30,Am!r,php,webapps,0
+37027,platforms/php/webapps/37027.txt,"Simple Machines Forum (SMF) 2.0.2 index.php scheduled Parameter XSS",2012-03-29,Am!r,php,webapps,0
--- a/platforms/php/webapps/37022.txt
+++ b/platforms/php/webapps/37022.txt
@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/52768/info
+
+ocPortal is prone to multiple cross-site scripting vulnerabilities and an arbitrary file-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information.
+
+ocPortal versions prior to 7.1.6 are vulnerable. 
+
+http://www.example.com/code_editor.php?path=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
+
+http://www.example.com/code_editor.php?path&line=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
+
+http://www.example.com/site/catalogue_file.php?original_filename=1.txt&file=%252e%252e%252f%252e%252e%252finfo.php 
--- a/platforms/php/webapps/37023.txt
+++ b/platforms/php/webapps/37023.txt
@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/52781/info
+
+EasyPHP is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. 
+
+http://www.example.com/home/sqlite/main.php?dbsel=1&table=t1' 
--- a/platforms/php/webapps/37024.txt
+++ b/platforms/php/webapps/37024.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/52807/info
+
+eZ Publish is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+eZ Publish 4.6 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/ezjscore/call<img%20src%3Dlien%20onerror%3Dalert(document.cookie)>/ezjsc:time 
--- a/platforms/php/webapps/37025.txt
+++ b/platforms/php/webapps/37025.txt
@ -0,0 +1,8 @@
+source:  http://www.securityfocus.com/bid/52819/info
+
+PHP Designer 2007 - Personal is prone multiple SQL-injection vulnerabilities.
+
+A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/read_news.php?news_id=[Sqli]
+http://www.example.com/announce.php?id=[Sqli] 
--- a/platforms/php/webapps/37026.txt
+++ b/platforms/php/webapps/37026.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/52821/info
+
+e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+e107 1.0.0 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/index.php?option=com_flexicontent&view=[Sql] 
--- a/platforms/php/webapps/37027.txt
+++ b/platforms/php/webapps/37027.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/52822/info
+
+Simple Machines Forum is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+Simple Machines Forum 2.0.2 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/index.php?scheduled=[Xss]